摘要
随着Android系统迅速发展,Android应用软件广泛应用于人们日常生活与工作中,由此Android智能手机中存储了用户许多敏感数据。而Android应用软件漏洞的存在,造成用户敏感数据被恶意窃取的矛盾日渐突出。为了更好地保护用户隐私信息,论文提出一种Android应用软件漏洞检测方法:首先,对不同漏洞进行归类整理分析;然后,根据不同类别漏洞特征采用相应的检测方式;最后,基于所提出的分析方法,实现了Android软件漏洞检测原型工具,并用该工具检测了886个Android应用软件样本,检测结果表明论文所提的方法简便有效。
With the rapid development of the Android system, Android applicationsare widely used in people's daily life and work. So Android based smart phones store a large amount of users' sensitive data.The vulnerabilitiesof Android applicationsmake the users sensitive data leakage more seriously. To protectusers' privacy information effectively,this paper proposes a method of detecting Android software vulnerabilities. Firstly, the vulnerabilities of Android applications are analyzed and classified into several different types; then,corresponding detection algorithms are proposed based on the characteristics of each type of vulnerability; next, a prototype tool for detection of Android software vulnerabilitiesis designed and implemented based on the proposed method; Finally, the implemented tools is applied to detect 886 Android applications.The experimental result demonstratesthat the proposed method is efficient and effective.
出处
《网络空间安全》
2016年第9期54-62,共9页
Cyberspace Security
